HDP 2.4.0 provides Knox 0.6.0 and the following Apache patches:
HDP 2.3.4 provided Knox 0.6.0 and the following Apache patches:
KNOX-566:
Make the Default Ephemeral DH Key Size 2048 for TLS.
KNOX-579:
Regex based identity assertion provider with static dictionary lookup.
KNOX-581:
Hive dispatch not propagating effective principal name.
KNOX-633:
Upgrade apache commons-collections.
HDP 2.3.2 provided Knox 0.6.0 and the following Apache patches:
KNOX-598:
Concurrent JDBC clients via KNOX to Kerberized HiveServer2 causes HTTP 401 error (due to
Kerberos Replay attack error).
KNOX-599:
Template with {**} in queries are expanded with =null for query params without a
value.
HDP 2.3.0 provided Knox 0.6.0 and the following Apache patches:
BUG FIXES
KNOX-476 implementation for X-Forwarded-* headers support and population.
KNOX-546 Consuming intermediate response during kerberos request dispatching.
KNOX-550 reverting back to original hive kerberos dispatch behavior.
KNOX-559 renaming service definition files.
IMPROVEMENTS